Before going dark, the Russia-based gang attracted attention from the White House for two attacks that disrupted U.S. supply chains: the May breach at global meat supplier JBS that netted a reported $11 million payment, and a July hack on the software company Kaseya that immobilized hundreds of clients, some for months.
Almost immediately, several affiliates opened arbitration cases against the group on illicit forums. One hacker“Boriselcin” claimed on the XSS forum that the REvil owed him money before it disappeared. While the two parties quickly resolved the case, not all disputes end so quietly, according to researchers who study dark web forums.
The arbitration process, which is meant to maintain a semblance of order in a community that operates outside the law, provides a valuable look at the processes that keep the hacker underground running. The process often leads to